CVE-2014-5799
The CVE-2014-5799 entry concerns the Android smart.card (nh.smart.card) application version 3.2, which does not verify X.509 certificates from SSL servers. This behavior enables man-in-the-middle attackers to spoof legitimate servers and extract sensitive information via a crafted certificate. Th...